Securing Web Applications Created with Google Web

Toolkit.......................................... 159
Overview: Securing Java web applications created with Google Web Toolkit
elements...........................................................................
........................................ 159
Creating a Google Web Toolkit
profile.................................................................159
Associating a Google Web Toolkit profile with a
URL......................................... 160
Implementation
result.............................................................................
........................161
Adding Server Technologies to a
Policy.............................................................................
..163
Overview: Adding server technologies to a
policy..........................................................163
Automatically adding server
technologies......................................................................1
63
Refining Security Policies with
Learning...........................................................................
.. 165
About
learning...........................................................................
.....................................165
About learning
suggestions........................................................................
....................165
What suggestions look
like...............................................................................
...166
What violations are
unlearnable?.......................................................................
............166
Configuring how entities are
learned............................................................................
. 167
Learning from
responses..........................................................................
..................... 168
Learning based on response
codes..............................................................................
.169
Reviewing learning
suggestions........................................................................
.............169
Viewing requests that caused learning
suggestions...................................................... 171
Viewing and allowing ignored
suggestions.................................................................... 172
About enforcement
readiness..........................................................................
.............. 172
Enforcing
entities...........................................................................
.................................172
Exploring security policy action
items............................................................................
173
Changing How a Security Policy is
Built..............................................................................
175
Overview: Changing how a security policy is
built......................................................... 175
Changing how to build a security
policy.............................................................. 175
Adding trusted IP addresses to a security
policy................................................ 177
Learning host names
automatically.....................................................................1
77
Classifying the content of learned
parameters....................................................178
Specifying whether to learn integer
parameters..................................................178
Specifying when to learn dynamic
parameters................................................... 179
Collapsing entities in a security
policy.................................................................180
Changing how cookies are
enforced................................................................... 180
Limiting the maximum number of policy
elements.............................................. 181
Classifying the content of requests to
URLs....................................................... 182
Specifying the file types for wildcard
URLs......................................................... 183
Disabling full policy
inspection.........................................................................
....183
Stopping and starting automatic policy
building.................................................. 184
Configuring Security Policy
Blocking...........................................................................
........185
About security policy
blocking...........................................................................
.............185
Changing security policy
enforcement................................................................ 185
Configuring blocking actions for
violations.......................................................... 186
Configuring HTTP protocol compliance
validation.............................................. 187
Configuring blocking actions for evasion
techniques...........................................187
Configuring blocking actions for web services
security....................................... 188
Configuring What Happens if a Request is
Blocked........................................................... 191